1. Field of the Invention
The present invention relates to the field of computer security. In particular, the present invention discloses a system for verifying that an unauthorized party has not tampered with computer program code.
2. Description of the Related Art
Computer security is one of the most pressing problems facing computer software makers. With the rise in popularity of the Internet, nearly every personal computer system is available on the Internet at one point or another. This great connectivity has provided many benefits to personal computer users. However, it has also provided a new host of problems to computer users. One of the biggest problems has been the rise of Internet transmitted viruses, worms, Trojan horses, and other malevolent programs.
Rogue computer programmers, sometimes known as “crackers”, often attempt to break into computer systems to steal information or make unauthorized changes. Crackers use many different types of attacks in attempts to break into a computer system. Common methods employed by computer crackers include Trojan horses (a seemingly benign computer program that has a hidden agenda), a computer virus (a piece of software that replicates itself from within a host program), a computer worm (a piece of software that replicates itself across a computer network), and social engineering (Deceiving a person with authorization codes into giving out those authorized codes).
These rogue computer programmers often alter existing legitimate programs by adding program code to perform unauthorized functions. By placing such authorized program code within legitimate programs, the rogue computer programmer thereby hides the unauthorized program code. The unauthorized code may thus dwell within a person's personal computer system without the person's knowledge for a long time. The unauthorized program code may destroy valuable data, waste computing resources (CPU cycles, network bandwidth, storage space, etc.), or pilfer confidential information.
In order to protect legitimate programs from such unauthorized adulteration, some software manufacturers generate a checksum of the program code. The checksum is a value calculated using the program code as input value such that each different computer program tends to have a different checksum value. The software manufacturer then digitally “signs” the checksum with a private key encryption key. Before running the computer program code, a user should then authenticate the program code. Specifically, the user has the personal computer system compute a checksum of the program code and then the computed checksum values is compared with the checksum calculated by the software manufacturer after decrypting it with the software manufacturer's public key. If the two checksums match, then the computer program is presumed to be authentic.
These existing checksum based protection systems have been known to work relatively well. However, these existing checksum based protection systems can take a long time to authenticate large computer programs. Therefore, it would be desirable to provide a system faster system for authenticating large computer programs.